splice and splice-net

Cybersecurity for Operational Technology and Sensor Networks

What is Splice?

Splice actively prevents cyber-physical attacks through vulnerability shielding.

Splice combines a number of advanced machine learning, encryption, virtualization, security and networking concepts to secure legacy OT/ICS/SCADA and modern I-IoT sensor environments. Splice has been specifically designed to require no or minimal reconfiguration and interruption to existing production processes. An encrypted overlay network is established to abstract the OT network in converged OT/IT environments. This is done without requiring any addressing changes on field equipment, HMI's or controllers, and allows for logical isolation and control enhancements (such as authentication offloading and vulnerability shielding) to be built into the network core.

Splice provides access control, behavioral profiling, Intrusion Detection, and forensic audit trail of all OT control network traffic. Splice allows you to take back control over insecure API's. Vulnerability Shielding techniques are used to encapsulate and strengthen insecure API's. Powerful profiling, outlier detection and deterministic analysis algorithms are used to detect anomalous communication between OT devices.

Cybersplice for OT security and IoT security: the logical alternative to air-gaps

Splice in action

Splice is deployed at the City of Cape Town, enabling secure management of Smart city infrastructure across various disciplines, including Transportation, Surveillance and Facilities Management.

Splice provides deep visibility of expected and anomalous activity on these networks and shields vulnerable OT communications inside the encrypted Splice overlay network. Using Splice advanced visualizations, the City was able to identify and mitigate high risk areas, and eliminate avoidable risks to the networks. Splice also provides asset discovery and management, a key requirement to enable secure management of this OT network.

What is Splice-net?

Splice-NET builds a dedicated encrypted overlay network on top of existing carrier infrastructure, providing our customers with a secure private IoT network. Splice-NET is enabled by Splice.

Splice-NET is carrier independent, allowing sensor networks to expand across carrier footprints, and allowing for high availability by rerouting overlay traffic through alternate carriers.

Customers remain in full control of encryption keys and therefore fully in charge of their sensor networks, even where traffic traverse hostile or untrustworthy networks.

Quick intro



With Splice there is no need to touch the actual equipment or code.


Splice overcomes device and controller vulnerabilities by building vulnerability shielding, authentication, authorisation and access controls into the network layer.


Splice logically isolates targets in an encrypted overlay network for centralised profiling, segregation and Intrusion Detection.


Splice enables sensitive real world interfacing devices to co-exist securely inside existing IT networks.



Vulnerability Shielding

IT security practices do not always translate well for OT security or IoT security purposes. For various reasons, it may not be viable to patch vulnerabilities in HMI's and PLC's.

SPLICE provides a way to mitigate these vulnerabilities through Vulnerability Shielding by injecting authentication code into the existing communication flow. When a sensitive function is accessed, SPLICE takes over from the normal application flow and requests OTP or password verification before forwarding the request through to the HMI. Using Vulnerability Shielding, Role Based Access Control (with or without two factor authentication) can be built into legacy applications without touching the application code. Vulnerability Shielding works with both legacy and AJAX/websockets based applications.

Latest news

12 December, 2020

GE medical devices backdoors

Ultrasound and imaging systems with   hardcoded passwords
22 July, 2020

More Israeli water facilities targeted

First targeted in April   , authorities raised alert   following latest attacks.
26 June, 2020

Ripple20 said to impact 100's millions IoT devices

Ripple20, a series of vulnerbilities in the widely deployed   Treck TCP/IP stack  will have far reaching implications.
10 June, 2020

Honda plants halt production after cyber attack

Ransomware attack causes shut down of some of Honda's production lines. Could this be collateral damage  collateral damage  or a targeted attack?
21 May, 2020

Steel plant operations impacted by Cybersecurity incident

Bluescope steel reported a  cyber incident  causing disruptions to it's Australian operations.
5 February, 2020

Hackers hijacking Building Access Systems

Hackers are Hijacking Vulnerable Smart Building Access Systems to Launch DDoS Attacks.
5 February, 2020

Crypto malware targeting ICS systems

EKANS ransomware actively targets certain products common in ICS environments.
8 August, 2019

Urgent/11 VxWorks vulnerabilities cause widespread exposure of Operational Technology

Easy-to-exploit vulnerabilities in VxWorks can impact physical safety, utilities, healthcare devices and more, setting the stage for widespread worm attacks.

View all news entries